The Google redirect virus is a highly malicious program spread by hackers to steal Google’s traffic by infecting millions of PCs. The virus uses sophisticated hacking techniques which make it extremely hard to remove. This is the reason why most antivirus programs are unable to remove it. Please be aware that following manual removal instructions may cause your PC to crash. It is therefore recommended that you use a legitimate removal tool to remove the Google redirect virus.

Thursday, November 10, 2011

What is Google Redirect Virus?

You have probably found this blog because you are among those unlucky Internet users who have been victimized by the dreaded Google redirect virus (also known as the Yahoo Redirect Virus or Bing Redirect Virus). This virus is one of the most virulent parasites spread by highly skilled cyber criminals, whose main goal is to infect as many computers as possible around the world.

Since the Google virus was first detected in 2009, it has hijacked millions of computers around the world, and it is getting more and more aggressive with time. The virus began to spread so widely in 2011 that Google needed to uncover the problem and warn more than two million of its users that their computers had been infected with the virus.

The Google virus has hundreds of variants / clones and is therefore known by a variety of names. Most commonly it is called the Google Redirect Virus, Google Malware, Google Hijack Virus or Google Search Virus, but its rootkit modifications are better known as TDSS rootkit, TDL3 / TDL4 rootkit, Alureon rootkit, Zero Access / ZAccess rootkit, Sirefef rootkit and Backdoor.Tidserv (Symantec).

The concept of the Google redirect virus is really simple. The scammers behind the virus make money by compromising your computer’s core Internet settings: they change the DNS, Registry, HOSTS file and other vital proxy values, which alters how requests are routed and redirects your Yahoo, Bing and Google search requests to their own deceptive websites. The main reason behind these malicious redirects is to make a profit by spamming you with advertisements, stealing your private information, or misleading you into downloading and purchasing various rogue software (fake antivirus and registry cleaner programs).
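The HOSTS file is the easiest of those settings to inspect. The following is an added example, not part of the original post: it scans HOSTS file text for entries that pin a search-engine name to a fixed address. The watched labels and the sample file are assumptions constructed for illustration.

```python
import ipaddress

# Assumption for this example: brand labels to watch, taken from the search
# engines the post names.
WATCHED_LABELS = {"google", "bing", "yahoo"}

def find_search_overrides(hosts_text, watched=WATCHED_LABELS):
    """Return (line_no, ip, hostname, is_loopback) for every HOSTS entry that
    pins a watched search-engine name to a fixed address."""
    findings = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()   # drop comments, split fields
        if len(entry) < 2:
            continue                            # blank, comment-only or malformed
        try:
            ip = ipaddress.ip_address(entry[0])
        except ValueError:
            continue                            # first field is not an IP address
        for name in entry[1:]:                  # one line may carry several names
            labels = name.lower().rstrip(".").split(".")
            if watched.intersection(labels):
                findings.append((line_no, str(ip), name, ip.is_loopback))
    return findings

# Constructed sample; the addresses come from documentation ranges.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.google.com google.com   # constructed entry
203.0.113.45    WWW.Bing.com
198.51.100.7    search.yahoo.com.
192.168.1.20    fileserver
"""

if __name__ == "__main__":
    for line_no, ip, name, loopback in find_search_overrides(SAMPLE_HOSTS):
        note = "blocked (loopback)" if loopback else "redirected"
        print(f"line {line_no}: {name} -> {ip} [{note}]")
```

On Windows the file to feed in is `%SystemRoot%\System32\drivers\etc\hosts`. A clean result only rules out this one setting; the DNS, Registry and proxy values mentioned above need their own checks.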

Once your computer is hijacked and you type a search keyword into the Google search box (or that of any other search engine), it will show the related search results, but the provided links will take you to a fake search page instead of the websites you wanted to visit. As these redirects only occur while searching online, the issue may appear to lie within the search engine itself. This is the reason why many users think that Google, Bing or Yahoo is the origin of the issue, while the virus is actually on their own computers.

These are the most common signs that you have the Google virus:

Computer and network connection speed will be significantly decreased

All types of web browsers are redirecting you to pages you didn’t intend to visit

Strange services and processes are running in the Windows Task Manager

Automated ad clickers and keylogger programs are running in the background

Computer screen will be bombarded by fake virus alerts and bogus popup notifications

Antivirus and firewall programs won't start on system startup

Your computer is blocked from accessing certain security-related websites

Unknown shortcuts and tray icons will appear on your desktop

Altered computer background wallpaper

Removing the redirect virus is highly complex because the malware uses a sophisticated rootkit technique, specifically designed to hide from traditional security applications. The creators of the virus constantly monitor the leading security companies and change the rootkit so that it goes undetected by their virus definitions. This is the reason why most of the known antivirus products fail to detect or completely remove it.

There are many websites offering manual removal instructions on how to fix the virus. While it’s technically possible to get rid of the Google redirect virus manually, it should only be done with caution and only carried out by highly qualified computer experts or security professionals. Lack of the required removal skills may cause critical damage to the operating system and even cause the infected computer and its hard disk to crash completely.

The Yahoo/Bing/Google redirect virus is a very high security and privacy risk. To restore your computer and ensure trouble-free and fast removal, it is essential that you use a reliable anti-malware tool that specializes in removing spyware, rootkits, trojans, browser hijackers and other search engine redirecting viruses.